Boston-Area Hospital to Pay $1.5 Million to Settle HIPAA Violations Over Security Breach


On September 17, 2012, Massachusetts Eye and Ear Infirmary, a Boston area hospital, has agreed to pay $1.5 million to the U.S. Department of Health and Human Services to settle allegations of violations of the HIPAA Security Rule. The hospital was investigated by the Office of Civil Rights (OCR) after the hospital submitted a breach report in April of 2010 notifying the OCR of the theft of a personal laptop containing unencrypted electronic protected health information (PHI) of hospital patients and research subjects.

OCR’s subsequent investigation discovered that the hospital failed to comply with various requirements of the HIPAA Security Rule when it failed to...

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Data Breach, Healthcare, Healthcare Professionals, HIPAA, OCR, Penalties, PHI

Published In: Administrative Agency Updates, Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Thompson Coburn LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »